>> I would like to ask if somebody could point me to information on howto >> hook up libpcap to sniff a secure website on HTTPS. I understand I >> have to decrypt the packets probably using openssl, but I wonder if >> there is some howto to guide me. I am on the latest Ubuntu. > > Last I checked, tcpdump supports decrypting IPSec, but not SSL. > However, Wireshark decrypts SSL. You'll need the SSL private key of > the webserver to do
Yes i am aware Wireshark can do it if you provide the private key, but i need to decrypt packets in my own sniffer based on libpcap. I was hoping i am not the first and somebody could gimme some startup pointers, so that i dont have to go through the Wireshark sources... But maybe i am at the wrong place and should turn to the openssl forum instead... Cheers, Andrej- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
